Btparser
Btparser is a backtrace parser and analyzer that works with
backtraces produced by the GNU Project Debugger (GDB). It can parse a
text file containing a backtrace into a tree of C structures, so that
the threads and frames of the backtrace can be analyzed and processed.
Btparser also contains some backtrace manipulation and extraction
routines:
- it can find the frame in the crash-time backtrace where the program
most likely crashed (chances are that the function described in that
frame is buggy)
- it can produce a duplication hash of the backtrace, which helps to
discover that two crash-time backtraces are duplicates, triggered by
the same flaw in the code
- it can "rate" the backtrace quality, which depends on the number
of frames with and without a known function name (a missing function
name is caused by missing debugging symbols)
Btparser also implements metrics for computing a "distance"
or "similarity" between backtraces.
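The quality rating and duplication hash described above can be illustrated with a small stand-alone sketch; this is an added example, not btparser's code or API. The helper name, the constructed sample backtrace, and the choice of FNV-1a over the first three named frames are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample in GDB "bt" format; frame #1 lacks debugging symbols. */
static const char SAMPLE_BT[] =
    "#0  0x00007f3a1c2d4e35 in raise () from /lib64/libc.so.6\n"
    "#1  0x00007f3a1c2d6700 in ?? () from /lib64/libfoo.so.1\n"
    "#2  0x0000000000400612 in parse_header (buf=0x7ffd10) at parse.c:42\n"
    "#3  main (argc=1, argv=0x7ffd20) at main.c:10\n";

struct bt_summary {
    int total;      /* frames seen */
    int named;      /* frames whose function name is known (not "??") */
    uint32_t hash;  /* FNV-1a over the first max_hash named functions */
};

/* Hypothetical helper (not btparser API): summarize one thread's frames. */
static struct bt_summary summarize_backtrace(const char *bt, int max_hash)
{
    struct bt_summary s = { 0, 0, 2166136261u };
    for (const char *p = bt; *p; p += strcspn(p, "\n"), p += (*p == '\n')) {
        if (*p != '#' || !isdigit((unsigned char)p[1])) continue;
        p += 1 + strspn(p + 1, "0123456789");      /* frame number */
        p += strspn(p, " ");
        if (strncmp(p, "0x", 2) == 0) {            /* optional "0xADDR in " */
            p += strcspn(p, " \n");
            if (strncmp(p, " in ", 4) == 0) p += 4;
        }
        size_t len = strcspn(p, " (\n");           /* function name token */
        s.total++;
        if (len == 0 || (len == 2 && memcmp(p, "??", 2) == 0)) continue;
        if (s.named++ < max_hash) {                /* addresses and args never hashed */
            for (size_t i = 0; i < len; i++)
                s.hash = (s.hash ^ (unsigned char)p[i]) * 16777619u;
            s.hash = (s.hash ^ '\n') * 16777619u;  /* separator between names */
        }
    }
    return s;
}

int main(void)
{
    struct bt_summary s = summarize_backtrace(SAMPLE_BT, 3);
    printf("named %d/%d frames, hash %08x\n", s.named, s.total, (unsigned)s.hash);
    return 0;
}
```

Because only function names feed the hash, two crashes with different load addresses or argument values but the same call chain produce the same value, while the named/total ratio drops as debugging symbols go missing.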
Wishlist
- Describe the implementation
- Timeline
- Implement basic security evaluation from assembly output
- Apport has a basic script for this; the algorithm looks very
reusable and uses GDB; we need to ask the security team for feedback
and improvements on the algorithm; for existing backtraces that
contain assembly output; in post-create for coredumps; extend the
parser to discover and handle assembly output; evaluating the output;
make ABRT use btparser for this basic security evaluation
- Extend the parser
- extension to provide improved backtrace quality rating; support
for static analysis of packages; extend the parser to parse function
call arguments and stack variables; extend the parser to map function
calls to build ids (parse build ids)
Homepage